Lucene search
K
SolarwindsNetwork Configuration Manager

7 matches found

CVE
CVE
added 2023/11/01 3:31 p.m.79 views

CVE-2023-33226

CVE-2023-33226 affects SolarWinds Network Configuration Manager (NCM). Multiple connected sources describe a Directory Traversal Remote Code Execution flaw in NCM, enabling code execution with SYSTEM privileges after exploiting path handling in ExportConfigs (root cause: improper validation of us...

8.8CVSS8.3AI score0.0184EPSS
CVE
CVE
added 2023/11/09 3:5 p.m.72 views

CVE-2023-40054

CVE-2023-40054 relates to SolarWinds Network Configuration Manager. The connected documents confirm a Directory Traversal Remote Code Execution vulnerability that can allow a low-privilege user to execute actions with SYSTEM privileges. The core issue is consistent with a directory traversal flaw...

8.8CVSS8.3AI score0.02983EPSS
CVE
CVE
added 2023/11/01 3:32 p.m.66 views

CVE-2023-33228

CVE-2023-33228 affects SolarWinds Network Configuration Manager. The issue permits users with administrative access to the SolarWinds Web Console to disclose sensitive information. According to NVD, AV Network, PR High, UI N, S U, C High, I/N, A None with a 3.1 base score of 4.9 (Medium). Related...

4.9CVSS5.1AI score0.00436EPSS
CVE
CVE
added 2023/11/01 3:31 p.m.65 views

CVE-2023-33227

Summary (CVE-2023-33227): The Network Configuration Manager (SolarWinds) is affected by a Directory Traversal Remote Code Execution vulnerability. A low-level user can execute actions with SYSTEM privileges. Multiple connected sources (NVD/Red Hat/Nessus/NCSC) confirm the issue and note that reme...

8.8CVSS8.3AI score0.0184EPSS
CVE
CVE
added 2022/10/10 12:0 a.m.55 views

CVE-2021-35226

CVE-2021-35226 affects SolarWinds Network Configuration Manager (NCM). A misconfiguration in NCM exposes a password field to Solarwinds Information Service (SWIS). Exposed credentials are encrypted and require authenticated access with an NCM role. Documented impact is limited to credential expos...

6.5CVSS6.6AI score0.00446EPSS
CVE
CVE
added 2014/08/07 10:0 a.m.46 views

CVE-2014-3459

The CVE-2014-3459 issue affects SolarWinds Network Configuration Manager (NCM) prior to version 7.3, where a heap-based buffer overflow in the PEstrarg1 property can be exploited to execute arbitrary code. The root cause is a failure to validate the input size before copying into a fixed-size hea...

6.8CVSS8.3AI score0.11564EPSS
CVE
CVE
added 2023/11/09 3:6 p.m.43 views

CVE-2023-40055

CVE-2023-40055 affects SolarWinds Network Configuration Manager. The vulnerability is a Directory Traversal Remote Code Execution that could allow a low-privilege user to perform actions with SYSTEM privileges. The issue is noted as not resolved in CVE-2023-33227, with corroborating details from ...

8.8CVSS8.3AI score0.02139EPSS